Massive Browser Attack Hits 90,000 Web Pages

Below:

Next story in Security

A massive, unsettling malware campaign is spreading across the
Web, and so far more than 90,000 online commerce websites have
been compromised.

The attack, according to the researchers at the security firm
Armorize who detected it, is corrupting Web pages through
malicious iFrames that point to a website called willysy.com.

An iFrame is a line of code inserted into a Web page that loads
data from another site; usually iFrames are benign, but in the
hands of
devious online criminals, they can become covert ways to
ensnare victims.

If a user lands on a Web page with an
infected iFrame lurking beneath, the iFrame can automatically
download dangerous malware onto the user's system.

This iFrame attack — they're also called mass injection attacks —
is exploiting vulnerabilities in Java, Adobe PDF, Microsoft
Internet Explorer and other common programs, and is targeting
online commerce sites.

To limit your chances of becoming a victim of this mass injection
attack, it's necessary to use a
strong anti-virus program and keep it up to date. An added
precaution, and one that would mitigate the danger if infected by
malware, would be to dedicate an administrative account solely
for installing software, and otherwise using a standard personal
account that cannot install software.